XWidgetSoft Forum

I've been a Pro member for about a year now.
Recently, I've been getting warnings from MalwareBytes that XWidget.exe is trying to establish an outgoing connection with cnrdn.com at IP address 42.156.140.191.
This entity is apparently based in Eastern China & the IP address has been associated with threat events (malware, phishing) according to various sources.
Why is XWidget.exe trying to establish this unauthorized connection?

Hi,
Thanks for you report,This is an abandoned feature of China-online-update-users-statistics that has been removed long time ago and only for Chinese-Language-Users ,Other language versions of XWidget do not have this feature . this IP address is xwidget chinese-online-update-users-statistics server powerby famous chinese statistics provider http://www.cnzz.com/, xwidget connect this link to get new Chinese-Version information and record the Chinese users number of online upgrade users , please upgrad to the last version of XWidget without this function. Thank you.

Tony

_________________
XWidget Software Developer
[XWidget for Android] [Lastest version of XWidget] [Lastest patch of XWidget]
[XDesktop for Android/Windows]

I have never installed a Chinese language version. Don't speak Chinese, so there can be no doubt of that fact.
I find this very disturbing.
Have XWidget v1.9.14.618 installed, but I'll be uninstalling it & running numerous anti-malware tools to ensure it is actually gone.
I purchased & used XWidget in good faith, but in light of this situation, I feel my trust was misplaced.
How disappointing and shameful.

I am sorry for this old problem,but I reiterate that this is a statistical function that has been removed long time ago. only in old version of xwidget.

XWidget is 100% clean,this is the report that scan by all famous AniVirus engine : https://www.virustotal.com/#/file/d3659 ... /detection

_________________
XWidget Software Developer
[XWidget for Android] [Lastest version of XWidget] [Lastest patch of XWidget]
[XDesktop for Android/Windows]

Malwarebytes appears to feel differently. Here's a report concerning the attempt to make this outgoing connection today:


In addition to MalwareBytes considering cnrdn 42.156.140.191 "riskware", a quick search for that IP address brings up the following, which also report this as an unsafe entity:
http://www.herdprotect.com/domain-cnrdn.com.aspx
https://cymon.io/42.156.140.191

Regardless, it's clear that I can no longer trust XWidget. Had I not been running an anti-malware program, there would've been nothing to stop this unauthorized connection from being made without my knowledge/permission.

I enjoyed using XWidget. I felt I should support the effort & did so by purchasing a Pro license.
Sadly, I don't feel I can support XWidget any longer. This is very disheartening.
I'll not bother you further.
Good luck to current users.

This is a false positive, you can check other ALL famous Anti-virus engine scan report are 100% : https://www.virustotal.com/#/file/d3659 ... /detection

_________________
XWidget Software Developer
[XWidget for Android] [Lastest version of XWidget] [Lastest patch of XWidget]
[XDesktop for Android/Windows]

Some antivirus software are very sensitive to false alarms. Antiviruses or antimalware with false alarms exist for years. But this does not mean that there is something to worry about at all cost. Even malawarebytes that you reported confirms it.
As you can see from above from the official scannings, XWidget is 100% CLEAN!
More than that..

_________________
...and remember: don't take life too seriously...
My profile on Deviantart: http://jimking.deviantart.com/